from Net Politics and Digital and Cyberspace Policy Program

Cyber Week in Review: February 22, 2019

Tourists walk around the forecourt of Australia's Parliament House in Canberr David Gray / Reuters

This week: Australia's parliament hacked; CrowdStrike's new report; Fancy Bear is back; and is the U.S. overplay its hand with Huawei?

February 22, 2019

Tourists walk around the forecourt of Australia's Parliament House in Canberr David Gray / Reuters
Blog Post
Blog posts represent the views of CFR fellows and staff and not those of CFR, which takes no institutional positions.

Here is a quick round-up of this week’s technology headlines and related stories you may have missed:

Hacks Down Under. Australia’s prime minister is blaming a “sophisticated state actor” for a string of recent hacks on Parliament’s networks just before a major election. While officials are not calling the attacks an attempt at influencing the election, the timing has raised fears that a foreign country—possibly Russia orChina—will attempt to influence the outcome. China, in particular, has been singled out as a likely culprit: Australian think tanks have long warned about the possibility of Chinese interference in Australian politics, and Canberra’s ban on Chinese telecommunication company Huawei might have offered China a reason to meddle further. 

More on:

Cybersecurity

China

Australia

Faster, Stealthier, Better. 2018 might have lacked ‘blockbuster’ state-sponsored cyberattacks like 2017’s NotPetya, but according to CrowdStrike, state-sponsored hackers have continued to hone their craft. They are getting better at breaking into systems, moving faster once in, and doing a better job of covering their tracks once they’re done. In its first-ever adversary report, CrowdStrike measured the growing sophistication of state-based actors based on ‘breakout time’—a metric that covers the time it takes for “intruder to begin moving laterally, beyond the initial beachhead they’ve established, to other systems in the network.” The company’s researchers explain speed is a good measure of overall sophistication in cyber operations. Unsurprisingly, Russia comes out on top in the Crowdstrike ranking, setting a remarkable 19 minutes breakout time average. North Korea (2h 20m), China (4h), and Iran (5h 9m) are behind. What’s interesting is how much faster state actors are than your average hardened cybercriminal (9h 42m).

Fancy Bear Strikes Again. According to Microsoft APT 28, also known as Fancy Bear, is targeting civil society groups across Europe in an effort to influence the upcoming European election. In a blog post, Microsoft says the state-sponsored hacking group is responsible for targeting politicians, campaigns, and organizations viewed as unfriendly to Russia. What’s impressive about the campaign is the broad assortment of targets: Fancy Bear has targeted at least 104 accounts in countries like Belgium, France, Germany, Poland, Romania, and Serbia. Fancy Bear, of course, is infamous from the 2016 Democratic National Committee hacking.

Who is Huawei’d now? The Trump administration’s campaign to pressure Europe to give up Huawei hit a snag this week, after the UK indicated that it would not ban Huawei from the country’s 5G build-out. In a blog post, Ian Levy, the technical director of Britain’s National Cyber Security Centre (NCSC), said that Britain could manage the security risks associated with using Huawei telecoms equipment. The statement is notable because other countries including Germany and New Zealand have been on the fence about barring Huawei from their mobile networks. Rather than give into allies’ apprehensions, the United States appears to be upping the ante. In a warning to European allies this week, U.S. Secretary of State Mike Pompeo said that the United States would stop cooperating with countries that install Huawei equipment in their core network.

More on:

Cybersecurity

China

Australia

Creative Commons
Creative Commons: Some rights reserved.
Close
This work is licensed under Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) License.
View License Detail
Close